|
48 | 48 | PSD products but more specific requirements and assurance activities apply depending on the types of |
49 | 49 | physical and logical interfaces provided by a PSD. Therefore, additional Security Functional Requirements |
50 | 50 | (SFRs) have been defined in this PP‐Module to define security functionality that is unique to a PSD that |
51 | | - provides the ability to support user authentication devices. |
| 51 | + provides the ability to support user authentication devices. <h:br/><h:br/> |
| 52 | + This PP-Module is intended for use with the following Base-PPs:<h:ul> |
| 53 | + <h:li>Peripheral Sharing Devices Protection Profile, Version 5.0</h:li> |
| 54 | + </h:ul> |
52 | 55 | </section> |
53 | 56 |
|
54 | 57 | <tech-terms> |
|
198 | 201 | <sec:Threats> |
199 | 202 | <threats> |
200 | 203 | <threat name="T.DATA_LEAK"> |
201 | | - <from base="bpp-psd"/> |
| 204 | + <from base="bpp-psd"/> |
| 205 | + <description>This threat from the PSD PP also applies to the functionality defined in this PP-Module.</description> |
202 | 206 | <addressed-by>FDP_FIL_EXT.1/UA</addressed-by><rationale>Mitigates this threat |
203 | 207 | by filtering unauthorized devices that could facilitate data leakage.</rationale> |
204 | 208 | <addressed-by>FDP_PDC_EXT.2/UA</addressed-by><rationale>Mitigates this threat by only |
|
671 | 675 |
|
672 | 676 | <con-op-en/> |
673 | 677 |
|
| 678 | + |
674 | 679 | <con-mod ref="T.DATA_LEAK"> |
675 | 680 | This threat is from the PSD PP, thus no conflict exists. |
676 | 681 | </con-mod> |
| 682 | + <con-mod ref="T.RESIDUAL_LEAK"> |
| 683 | + This threat is from the PSD PP, thus no conflict exists. |
| 684 | + </con-mod> |
677 | 685 | <con-mod ref="T.SIGNAL_LEAK"> |
678 | 686 | This threat is from the PSD PP, thus no conflict exists. |
679 | 687 | </con-mod> |
|
703 | 711 | <fam-behavior>Components in this family define the requirements for termination of open sessions.</fam-behavior> |
704 | 712 | </ext-comp-def> |
705 | 713 |
|
| 714 | + <ext-comp-def title="User Authentication Isolation" fam-id="FDP_UAI_EXT"> |
| 715 | + <fam-behavior>Components in this family define the requirements for user authentication |
| 716 | + isolation.</fam-behavior> |
| 717 | + </ext-comp-def> |
| 718 | + |
706 | 719 | <f-component name="Device Filtering" cc-id="fdp_fil_ext.1" status="invisible"> |
707 | 720 | <comp-lev>requires the TSF to specify the method of device filtering used for |
708 | 721 | peripheral interfaces and defines requirements for handling allowlists and denylists.</comp-lev> |
|
0 commit comments